Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
@flatfile/filter-builder
Advanced tools
Flatfile Filter Builder
Purpose
All of the filtering/sorting/pagination capabilities in X currently operate through use of dedicated url parameters. e.g. GET records?sortField=first_name&sortDirection=asc&filterField=last_name&filter=error&versionId=dev_vr_123456. This has proven cumbersome to use, difficult to maintain, and lacking in the flexibility needed by our end users. The goal of filter-builder is to replace these url parameters with a structured, queryable, consistent filtering pattern that can be used across the application and expanded ad infinitum.
Implementation
filter-builder introduces several new patterns.
The first pattern is that of the Filter object. This object contains all the necessary information needed to filter, sort, and paginate a record set. Filter establishes a strict contract that the ephemeral module can expect and parse in a consistent manner.
The second pattern is that of the Flatfile Query Language (FFQL). FFQL is a strict, logical query language that can be parsed into a Filter object. The query language operates as follow:
// Old Filtering...
GET records?sortField=first_name&sortDirection=asc&filterField=last_name&filter=error&versionId=dev_vr_123456
// New Filtering using FFQL
GET records?q=last_name is error&sort=first_name asc&versionId=dev_vr_123456
FFQL is extensible and fully logically parsable, opening up previously unsupported techniques:
GET records?q=((age gte 18 and age lte 65) or first_name eq Bender) and is error
The following operations are supported:
// Data Filter Operators
'eq' | 'ne' | 'gte' | 'gt' | 'lt' | 'lte' | 'like'
// Message Filter Operators
'is'
// Message Filter Statuses
'error' | 'warning' | 'info' | 'valid'
// Logical Filter Operators
'and' | 'or'
Notes
The filter-builder package is complete and has 100% test coverage, but has not been implemented anywhere in the application at this time. Forward rolling changes will need to take into account backwards compatibility and multiple ephemeral storage strategies.
FAQs
## Purpose
The npm package @flatfile/filter-builder receives a total of 5 weekly downloads. As such, @flatfile/filter-builder popularity was classified as not popular.
We found that @flatfile/filter-builder demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 27 open source maintainers collaborating on the project.
Package last updated on 22 Apr 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025